GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
138 advisories
Filter by severity
Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged...
High
Unreviewed
CVE-2022-2661
was published
Aug 17, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it...
High
Unreviewed
CVE-2022-31609
was published
Aug 6, 2022
A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0....
High
Unreviewed
CVE-2022-2019
was published
Jun 10, 2022
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications...
High
Unreviewed
CVE-2022-30717
was published
Jun 8, 2022
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access...
High
Unreviewed
CVE-2022-30746
was published
Jun 8, 2022
Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization...
High
Unreviewed
CVE-2022-26857
was published
May 27, 2022
The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control....
High
Unreviewed
CVE-2021-42330
was published
May 24, 2022
The management page of the Orca HCM digital learning platform does not perform identity...
High
Unreviewed
CVE-2021-35964
was published
May 24, 2022
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary...
High
Unreviewed
CVE-2021-40502
was published
May 24, 2022
The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and...
High
Unreviewed
CVE-2021-39341
was published
May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self...
High
Unreviewed
CVE-2021-38486
was published
May 24, 2022
Versions up to, and including, 1.0.6, of the Access Demo Importer WordPress plugin are vulnerable...
High
Unreviewed
CVE-2021-39317
was published
May 24, 2022
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the...
High
Unreviewed
CVE-2021-41975
was published
May 24, 2022
The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34...
High
Unreviewed
CVE-2021-24311
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High
Unreviewed
CVE-2021-24188
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24192
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High
Unreviewed
CVE-2021-24191
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24190
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24193
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24195
was published
May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24194
was published
May 24, 2022
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure...
High
Unreviewed
CVE-2020-27779
was published
May 24, 2022
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could...
High
Unreviewed
CVE-2020-3267
was published
May 24, 2022
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-12671
was published
May 24, 2022
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2019-1934
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API